[HDW] GPUs used to Successfully Crack Wi-Fi Passwords - Page 3 - Overclock.net

justarealguy · 01-18-09

Quote:

Originally Posted by mrtn400

This is why I use MAC filtering, instead of a password with my network.

lmao!

Let me sniff your packets and grab your MAC. Then spoof my pc to look like yours.

Too easy.

DigitalSonata · 01-18-09

The article has its facts wrong, for WPA what happens is you sit and wait for someone to join the network and you capture the four-way authentication handshake, then you have a file you can upload to your cluster to be cracked or do it yourself with a laptop. You don't slam away at the AP trying every password, that would take ages. MAC filtering is a joke, and only delays an attack by ten seconds or so.

Hopefully this software will go open source, I may consider building a cluster with a bunch of GPUs.

Licht · 01-18-09

Quote:

Originally Posted by DigitalSonata

The article has its facts wrong, for WPA what happens is you sit and wait for someone to join the network and you capture the four-way authentication handshake, then you have a file you can upload to your cluster to be cracked or do it yourself with a laptop. You don't slam away at the AP trying every password, that would take ages. MAC filtering is a joke, and only delays an attack by ten seconds or so.

Hopefully this software will go open source, I may consider building a cluster with a bunch of GPUs.

I was surprised they weren't using the GPU more intelligently myself. Use them to try and decrypt weak packets instead of wasting all this time.

Bacchus451 · 01-18-09

Quote:

Originally Posted by MalVeauX

Heya,

It's interesting all right, but really, who wants to break into millions of wifi users little networks? What's the point? Sure, they may be wide open, or maybe not so much. What is there truly to lose? They made a copy of your pictures? Copied your music? Grabbed your book marks or stored passwords to various sites and will access them? Anyone who's putting the money into that kind of software, the hardware that is travel ready and wanting to get basically in your front yard to have a strong enough signal to sit there and try it probably isn't interested in your piddly bank account's emptiness (not that they can actually do anything with it, except issue a wire transfer, that will be traced and easily stopped, probably not interested in your weird porn collection, probably isn't interested in your accounts on netflix or various forums that you peruse. The prime use of this tech on casual user level is to try and find sex videos of celebrities to then try to sell. Only to be busted in the end anyways. On the high end level of trying to break into serious intranets that have a wifi, this simply won't work. This is a dictionary passkey brute force attack. These attacks are instantly recognized and blocked. You could do the same for your own wifi at home depending on the hardware you use.

This technology is more just a novelty `scare' than actually dangerous.

Dangerous would be a brute force wifi GPU cruncher that could cause brain tumors to the fools sitting in their car in someone's front yard.

Brute force cracking of passwords is a very inefficient way to do it. And really, won't be of any use against any wifi network that isn't run by someone who uses "god" or "puppies" as the passwords.

If these guys want to impress someone with $1,000 software that uses a GPU to simply output thousands of complied `passwords' that are just dictionary words (and combination of dictionary words) they should have produced a brute force attacker that could do 16 digit random alpha-numeric busting so that they could hang out for a few million years trying to break into Timmy's network only to discover nothing of value nor interest...

Very best,

I prime reason I would want to use this is because I'm broke and apparently the people in my apartment complex with WiFi are not.

Also, tl;dr

thiussat · 01-18-09

Quote:

Originally Posted by mrtn400

This is why I use MAC filtering, instead of a password with my network.

MAC filtering is worthless. Easily gotten around in a few seconds.

thiussat · 01-19-09

OK, I am bored, so I just did some calculations on using these GPU's to brute force WPA passwords (or any password, really).

Let's assume our password is 30 alpha-numeric characters with no spaces. For simplicity, I omitted special characters like ()[]|$%^&*. Thus, the characters can be upper or lower case letters as well as numbers (a-z, A-Z, 0-9). This gives us 62 possibilities for each character of the password.

Now, since there are 62 possibilities per character and there are 30 characters, the calculation is pretty straight-forward.

Code:

62^30 = 5.91222134364e+53

In regular decimal notation that number is:

Code:

591,222,134,364,000,000,088,408,120,488,360,480,336,920,904,712,824,736

This is just shy of one septendecillion . The number is so large it's hard to even think about it in any meaningful way. So I wont bore myself with saying it's "one trillion trillion trillion," etc..

So, according to the chart posted here, a "Tesla S1070" can attempt about 52,400 password tries per second. There are 31,556,926 seconds in one year. Thus:

Code:

52,400 * 31,556,926 = 1.6535829224e+12

Or

1,653,582,922,400 password attempts per year.

So, one "Tesla" GPU can attempt about 1.6 trillion passwords per year. However, the poor Tesla falls well short - it's so short that 1.6 trillion attempts is not even noticeable.

Now, let's calculate it with 1,000 Tesla's running in a sort of "GPU supercomputer."

Code:

1000 *  52,400 = 52,400,000

This means 1000 Tesla's can calculate almost 52.5 million passwords per second. Now in one year, they can calculate:

Code:

52,400,000 * 31,556,926 =  1.6535829224e+15

This number is about 1.6 quadrillion password attempts per year. This is still about a duodecillion attempts short. Thus it would take 1,000 Teslas about a duodecillion years to brute force a 30 character random password.

Now, for some fun. The Earth's surface is comprised of about 7.9 x 10^17 square inches (oceans included). If we were to fit 1 Tesla GPU on every square inch (assuming Teslas were that small) of the Earth's land and ocean surface, we would obviously have an equivalent number of GPU's as there are square inches (7.9 X 10^17). That would give us about 790 quadrillion GPU's -- quite a supercomputer.

So, the calculations are trivial. We know how many passwords 1 Tesla can attempt in 1 second and we know how many attempts 1 Tesla can make in one year. So I will call this variable "1T." All we have to do is multiply 1T * 790 quadrillion. Thus:

Code:

1T * 7.9e+17 = 1.3063305087e+30

In decimal notation, that number is:

Code:

1,306,330,508,700,000,000,320,712,528,992

That's roughly somewhere around one nonillion password attempts per year for GPU's scaling every square inch of the Earth's surface.

Now, how many years would it take these 790 quadrillion GPU's to crack our little old 30 character random password? The variable Q will designate the amount of attempts per year of all these GPU's can make and the variable P will be the variable for our password and it's possible combinations. Thus:

Code:

P/Q = 4.5258235219e+23

In decimal notation, that number is:

Code:

452,582,352,190,000,000,120,744

This means it would take 790 quadrillion GPU's about 1/2 of 1 septillion years to brute force our password. For comparison, the age of the universe is about 13.6 billion years. So, 33,278,114,131,600 universes could reach the age ours is before this brute force succeeded. That's about 33.2 trillion universes.

But, not so fast. These calculations don't take into account the Von Neumann - Landauer Limit. Since reversible computing hasn't been invented yet, all computers are bound by the laws of thermodynamics.

An nVidia Tesla uses ~160 Watts of energy (I could be wrong, but it's all I could find online). 790 quadrillion of these would use 1.264e+17 KW of energy. That's 126,400,000,000,000,000 kilowatts.

Nuclear power plants will generate ~1,000,000 KW per hour of energy (or about 1 gigawatt). Thus, in order to power these GPU's, we would need 126,400,000,000 nuclear power plants dedicated to this project.

We would need to harness the energy of the sun (which is ~3.8 x 10^23 kilowatt hours) to make this work.

Squeeker The Cat · 01-19-09

thiussat ^^.you need to get a woman or an xbox or something dude!! nice numbers.you lost me there for a sec, but damn dude damn

Quote:

Originally Posted by Shadowrunner340

i use both

no one's getting in my intranet

same here!!

that7dude · 01-19-09

Quote:

Originally Posted by thiussat

OK, I am bored, so I just did some calculations on using these GPU's to brute force WPA passwords (or any password, really).

Let's assume our password is 30 alpha-numeric characters with no spaces. For simplicity, I omitted special characters like ()[]|$%^&*. Thus, the characters can be upper or lower case letters as well as numbers (a-z, A-Z, 0-9). This gives us 62 possibilities for each character of the password.

Now, since there are 62 possibilities per character and there are 30 characters, the calculation is pretty straight-forward.

Code:

62^30 = 5.91222134364e+53

In regular decimal notation that number is:

Code:

591,222,134,364,000,000,088,408,120,488,360,480,336,920,904,712,824,736

This is just shy of one septendecillion . The number is so large it's hard to even think about it in any meaningful way. So I wont bore myself with saying it's "one trillion trillion trillion," etc..

So, according to the chart posted here, a "Tesla S1070" can attempt about 52,400 password tries per second. There are 31,556,926 seconds in one year. Thus:

Code:

52,400 * 31,556,926 = 1.6535829224e+12

Or

1,653,582,922,400 password attempts per year.

So, one "Tesla" GPU can attempt about 1.6 trillion passwords per year. However, the poor Tesla falls well short - it's so short that 1.6 trillion attempts is not even noticeable.

Now, let's calculate it with 1,000 Tesla's running in a sort of "GPU supercomputer."

Code:

1000 *  52,400 = 52,400,000

This means 1000 Tesla's can calculate almost 52.5 million passwords per second. Now in one year, they can calculate:

Code:

52,400,000 * 31,556,926 =  1.6535829224e+15

This number is about 1.6 quadrillion password attempts per year. This is still about a duodecillion attempts short. Thus it would take 1,000 Teslas about a duodecillion years to brute force a 30 character random password.

Now, for some fun. The Earth's surface is comprised of about 7.9 x 10^17 square inches (oceans included). If we were to fit 1 Tesla GPU on every square inch (assuming Teslas were that small) of the Earth's land and ocean surface, we would obviously have an equivalent number of GPU's as there are square inches (7.9 X 10^17). That would give us about 790 quadrillion GPU's -- quite a supercomputer.

So, the calculations are trivial. We know how many passwords 1 Tesla can attempt in 1 second and we know how many attempts 1 Tesla can make in one year. So I will call this variable "1T." All we have to do is multiply 1T * 790 quadrillion. Thus:

Code:

1T * 7.9e+17 = 1.3063305087e+30

In decimal notation, that number is:

Code:

1,306,330,508,700,000,000,320,712,528,992

That's roughly somewhere around one nonillion password attempts per year for GPU's scaling every square inch of the Earth's surface.

Now, how many years would it take these 790 quadrillion GPU's to crack our little old 30 character random password? The variable Q will designate the amount of attempts per year of all these GPU's can make and the variable P will be the variable for our password and it's possible combinations. Thus:

Code:

P/Q = 4.5258235219e+23

In decimal notation, that number is:

Code:

452,582,352,190,000,000,120,744

This means it would take 790 quadrillion GPU's about 1/2 of 1 septillion years to brute force our password. For comparison, the age of the universe is about 13.6 billion years. So, 33,278,114,131,600 universes could reach the age ours is before this brute force succeeded. That's about 33.2 trillion universes.

But, not so fast. These calculations don't take into account the Von Neumann - Landauer Limit. Since reversible computing hasn't been invented yet, all computers are bound by the laws of thermodynamics.

An nVidia Tesla uses ~160 Watts of energy (I could be wrong, but it's all I could find online). 790 quadrillion of these would use 1.264e+17 KW of energy. That's 126,400,000,000,000,000 kilowatts.

Nuclear power plants will generate ~1,000,000 KW per hour of energy (or about 1 gigawatt). Thus, in order to power these GPU's, we would need 126,400,000,000 nuclear power plants dedicated to this project.

We would need to harness the energy of the sun (which is ~3.8 x 10^23 kilowatt hours) to make this work.

... wow...

niteshade · 01-19-09

Wow , you must have been extremely bored to sit there and figure that out.I don't think many people can remember a 30 character password, they can use 30 character pass-phrases but that (from what I recall) raises the chances of being figured out. I doubt anyone wants to use super long, hard to remember passwords, not for their wireless networks anyway.I think a good authentication protocol would be something that's personal to you and changes everyday, I have no clue what that is but I think it would add nice layer of security.

Unknownm · 01-19-09

NERD!!!

oh wait.. nvm!

		Overclock.net - Overclocking.net > Industry News > Software News
[HDW] GPUs used to Successfully Crack Wi-Fi Passwords

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)